CIS 106a: Introduction to Operating System Concepts

Chapter 9: Windows on the Internet

 

Objectives:

This chapter is about TCP/IP networks and using them with Windows computers. Objectives important to this chapter are:

  1. The TCP/IP protocol suite
  2. Connecting to the Internet
  3. Enhancing security with a router
  4. Internet-related client software
Concepts:

The chapter begins by reminding us how client/server environments work: a client makes a request to a server, and the server delivers the service requested. (In the background there is often an authentication process, to prove that the requester is authorized to use the service.) The text reminds us that programs installed on servers can be called services.

A web browser is an example of a client that makes a request to a server. The request is typically answered by the delivery of a web page to the browser. The "web server", in fact, is a service. It is confusing because the word server can mean two different things:

  • the physical device that provides services (a computer)
  • an actual program (service) running on that physical device

The word port also means several different things to computer people:

  • A port can be a jack, the socket on a device that you plug a physical connector into, such as the RJ-45 port on a NIC that connects it to a drop cord that connects to a LAN jack
  • A port is also a label that stands for a place in a server's memory where a particular service is running. You could think of it as being like a place where requests "plug" into a logical place in the server's working memory. The words socket and service are synonyms for this definition of port.

Using the second definition, when a web browser makes a request to a web server for an ordinary page, it is making that request on port 80 on the server's web service. This is the default port for World Wide Web traffic. Port 80 does not have to be specified, because it is the default port for a web server.
One way to go to my web site is to tell the browser to go to http://stevevincent.info
It would be equally valid to specify the port number: http://stevevincent.info:80

As the text points out, you can append a port number to the end of an IP address as well. Are you aware that when you tell the browser to go to a named web site (like www.cnn.com) the first thing the browser does is to request that the name be translated into an IP address? It usually happens so quickly that users miss seeing it in the status line of the browser window.

A port number can be any number from 1 through 65535. Ports 1 through 1023 are called Well-known ports. Several port numbers are assigned to specific services through conventions established by ICANN. (A listing may be found in RFC 1700.)

  • 20 - FTP, File Transfer Protocol, data
  • 21 - FTP, File Transfer Protocol, control
  • 23 - Telnet, remote terminal service
  • 25 - SMTP, Simple Mail Transfer Protocol
  • 53 - DNS, Domain Name Service (how web names get translated to IP addresses)
  • 443 - HTTPS, secure version of HTTP
  • 80 - HTTP, Hypertext Transfer Protocol, delivers web pages
  • 110 - POP3, Post Office Protocol 3

Ports 1024 through 65535 are Registered ports. ICANN does not assign these port numbers.

As you may gather from this list above, some ports are associated with specific protocols, rules for network communication. This means that the program supporting that protocol is expected to be running on the server at a memory location named by the port number.

The text gives us a simplified view of what happens when a client makes a request using a network protocol:

  • Application sends request to Operating System
  • (trust me, we skip about seven major steps here)
  • OS passes request to NIC
  • NIC places request on network
  • (lots of steps may go here, depending on how many networks the request passes through)
  • NIC on the receiving computer sends the request to OS on receiving computer
  • (again, about seven major steps are skipped here)
  • OS passes request to Web server application
  • Web server responds by sending data to OS, which will then be processed and sent to the NIC, and on to the network

The text names several different protocols, but does not discuss most of them. If you want to know something about any of them, use the Whatis link I put on the menu for this class to request an overview of them.

  • Transmission Control Protocol (TCP), is connection-oriented. This is the protocol that makes the TCP/IP suite reliable.
  • User Datagram Protocol (UDP) operates in the Host-to-Host Layer, but it is connectionless, so it is faster than TCP. Connectionless protocols send their data but they do not check to see if the intended receiver got the data.
  • Internet Protocol (IP) is a connectionless protocol that supports routing (finding paths to networks), fragmentation (breaking data into numbered pieces) , and reassembly (reassembling the pieces into usable data).
    Note: if you have to decide whether a protocol is connectionless (IP, IPX, UDP) or connection-oriented (TCP, SPX), it is connectionless if it starts with a vowel. This trick only applies to protocols that you need to categorize this way.
  • Internet Control Message Protocol (ICMP) is used to send error and control messages to Upper Layer Protocols (because they are concerned with error and flow control).
  • Address Resolution Protocol (ARP) is used on IP networks to resolve an IP address (4 bytes) to a MAC address (6 bytes). You may wish to review the fact that MAC addresses are typically shown as 12-character Hexadecimal strings. One byte can be expressed as two Hex characters. Reverse Address Resolution Protocol (RARP) is the reverse of ARP: it is used to resolve a known MAC address to an unknown IP address. ARP tables are constructed by sending broadcast ARP requests to the network, and recording the responses as IP address/MAC address pairs. (The ARP table is held in a computer's memory until it is rebooted.)
  • Reverse Address Resolution Protocol (RARP) and BOOTP. These protocols are designed to give an IP address to a workstation on boot. They are typically used on diskless workstations, which have no medium on which to record their IP addresses.

The text discusses several utilities found on most Windows and UNIX workstations:

  • hostname - This command will respond with the name of your device in your domain.
  • IPCONFIG - shows useful information on Windows NT and later machines, like the IP address, default router, and subnet mask. More information is shown if the command is entered as
    • IPCONFIG /all
    • IPCONFIG /release will release the currently held IP address to the DHCP server that gave it
    • IPCONFIG /renew will obtain a new lease from the DHCP server for an IP address
  • WINIPCFG - Like a light version of IPCONFIG, found on Windows 95, 98, and Me computers.
  • IFCONFIG - a UNIX command that can be used to view or configure the network interface settings for a workstation
  • PING - can be issued on a command line, and has an extensive list of options. Usually, the options are unnecessary. You can ping the address 127.0.0.1, which stands for the IP stack on the machine you are using. You may also want to ping the IP address you think you have, with your network cable unplugged. Pinging the local loopback proves you have a working IP stack. Pinging your actual address, when unplugged, proves you have that address.
    Be aware that you can ping an IP address or a DNS name.
  • TRACERT (Trace Route) - This command will show how long each link in a route takes, as well as showing links that fail to pass packets to the next link. Successful transfers of data will report the total time to the destination. You can limit the trace to a specific number of hops with the command
    tracert -h hop_limit
    where hop_limit is a number.
  • ROUTE - all devices on an IP network have routing information tables in their memory. ROUTE allows you to view that information, and to modify that information. The reason you would want to modify it is you need to do so when routing tables are static and they need to be changed.

The text moves on to discuss various methods of connecting to the Internet. A brief discussion of dial-up and direct connections tells us that a dial up connection is temporary in nature, and you are charged for the time you are connected. A direct connection is theoretically available any time you want it, typically providing more bandwidth than dial-up, and charges are usually based on term of contract, not usage.

Dial-up connections are usually made with a modem, using one of two protocols: SLIP or PPP.

  • Serial Line Internet Protocol (SLIP) - an older dial-up protocol. Variations exist which are not mutually compatible
  • Point-to-Point Protocol (PPP) - an improved dial-up protocol. Supports several features that SLIP does not: dynamic IP addressing, multiple protocols on the same link, passwords, and error control.
  • Other protocols are used during the connection, for various purposes.

Modems are called that because they take a digital signal from a computer, and modulate that signal into an analog signal to pass across a telephone line. On the other end of such a connection, the receiving modem demodulates that signal, and turns it into a digital signal for the receiving computer. (Analog signals have the potential to represent an infinite number of values inside the top and bottom of their ranges. Digital signals are restricted to specific values within their ranges.)

Dial-up connections typically use analog phone lines, which are limited to 56 Kilobits per second. In actuality, a 56 Kbps modem cannot give better than 53 Kbps download speed, and often provides less. Upload speed on such a modem is limited to 33.6 Kbps, and is often slower.

Technically, ISDN modems are still modems, but they are not really "dial-up" devices, and they provide much greater bandwidth. An ISDN connection can provide 64 Kbps if you have one data channel, and 128 Kbps if you have two data channels.

Types of Internet connections that may be offered by various ISPs :

  • LAN connection - Local Area Networks generally connect to the Internet through routers which may be connected to an ISP. This kind of connection is often at T1 or T3 speed. (T1 is 1.544 Megabits per second. T3 is 44.736 Mbps, usually rounded up to 45 Mbps.)
  • Cable TV modem - Cable modems are the most recent of these types of connections. The text notes that attainable bandwidth is often limited by the equipment on the user's side of the modem. This is outdated. Consumer network cards often run at 10 or 100 Megabits per second. Testing my cable modem, I am attaining about 3.5 Mbps for downloads from the Internet.
  • xDSL (Digital Subscriber Line) variants are also available in some locations. Prices vary, and you cannot connect to such a line unless you are within a limited distance from a telephone company switch. For those who can get such service, line speed can be about 1 Mbps upstream, up to 8 Mbps downstream. The text indicates that 8 Mbps download speed is a more common limit. Variants:
    • ADSL (Asymmetric Digital Subscriber Line) - download speed is faster than upload speed, as noted above. Can use the same line for voice service: the next two variants cannot.
    • HDSL (High Bit Rate Digital Subscriber Line) - upload and download speeds are typically the same, but more cables are required to reach higher speeds
    • SDSL (Symmetric Digital Subscriber Line) - upload and download speeds will be about the same for this variant, up to 2 Mbps
  • Satellite access - may be available to potential subscribers in areas where there is no cable data service, and the location is too far from telephone equipment for any option other than POTS to be available. Requires a satellite dish, and service will be affected by weather.
  • Wireless access - Ask ten people what they mean by wireless access and you will get ten different, incomplete explanations. In a coffee shop, you may connect your laptop wirelessly to a hotspot that connects to LAN that connects to the Internet. In your home, you may have a wireless connection to a hotspot, or to a router that connects to your ISP.

Cable modems and DSL boxes are common enough that the text offers tips on installing them:

  • Connect the PC to the cable modem (or DSL box)
  • Connect cable modem/DSL box to broadband jack (a cable modem connect to a cable jack; a DSL box connects to the DSL jack installed by the phone company)
  • Plug in the power supply to the cable modem/DSL box and turn it on
  • Configure TCP/IP settings for connection to the ISP (you may need to call the ISP and give them the MAC address of your cable modem, if you purchased your own)
  • Test connection by using a browser to surf the Web

These steps may need adjustment. For example, you may need to configure and reboot your computer. You may need to power up the modem, then power up the computer. Look for specific instructions for the device you are configuring.

Should you need to install an analog modem (for use with regular phone lines) expect Windows to provide a wizard to help you install it. Follow the instructions in the wizard.

The text offers advice about sharing a connection to the Internet.

  • If you have a cable modem, and want to connect two computers, it is possible to connect one computer to the cable modem, and to connect the second computer to the first computer with a crossover cable. This is inconvenient in two ways:
    • you have to be able to connect one of the computers to the cable modem and to the other computer at the same time
    • for the second computer to use the Internet connection, the first computer needs to be running
  • If you want to connect three or more computers to a cable modem, there is a better way. A switch is a network concentration device: it provides a point for several computers to plug in to the same network. A router is an internetwork connection device: it provides a way to connect two or more networks together.
    • buy a router - a consumer version of a router will act like a switch and a router
    • connect your computers to the switch portion of the router - the router will act like a server, assigning IP addresses to your computers on its own network
    • connect the router to the cable modem - the router will connect your network to your ISPs network
    • the router will also act as a firewall to protect your network (see below)

If you have a broadband connection to the Internet, make sure you do three things:

  • Keep your security patches up to date: Operating Systems and applications both need patches
  • Use an anti-virus program, and keep it up to date: you can't be protected against new viruses by an old program
  • Use a firewall to keep intruders out of your computers and your network. Windows XP has one built in, but so do many anti-virus programs.

If you buy a wireless router, the number of devices you can connect will not be limited by the number of physical ports on the switch portion of the router. However, you should apply wireless security settings to prevent neighbors and other unintended users from joining your network. (This is not being stingy. It is usually a requirement of your service agreement with your ISP.)

Note: routers have default accounts and default passwords. CHANGE the PASSWORD while you are configuring your router. Make a note of it somewhere, because you will not use it often. Don't let the hackers in by leaving the password at the default value.

The text moves on to consider Virtual Private Networks (VPNs). A common way VPNs are used is to make connection to a company network across the Internet. Users should be cautioned that the line speed of such a connection is usually much slower than they are used to on their regular network workstation. Line speed is more properly referred to as data transfer rate, which is measured in bits per second (bps). Depending on the speed of the connection, speed may be measured in Kilobits per second (Kbps) or Megabits per second (Mbps).

  • Remote user sends ID and password to an authentication server
  • Authentication server encrypts data. Various encryption protocols are used; e.g., CHAP - Challenge Handshake Authentication Protocol is the most secure protocol typically available
  • Tunnel is created so all data transferred is encrypted
    • Various tunneling protocols are used; e.g., PPP

The information needed to find a host on the Internet is too complex and too fluid to assume it is saved on any single server. When the Internet became too large for any single file to hold all the information, a new system was needed, so DNS (Domain Name Service) was invented. DNS uses a hierarchy, a tree shaped structure that branches as you go down the tree.

  • The DNS tree starts at what is called the root-level domain.
  • All root-level domain servers know how to get to all top-level domain servers. Top-level domain servers are the authorities of their domains, like .com, .net, and .org, as well as .ca, .au, .ch, and all the other top-level domains. Servers at this level can be called primary or master servers.
  • In its domain, each top-level server knows the addresses of each second-level domain server, such as microsoft.com. These are the registered domain servers. Registered domains can include subdomains, so they are included in this level as well. Servers at this level can be called secondary or slave servers.

DNS is a distributed database system, which means that many servers each hold part of the DNS system. What the system does is provide translation from Domain Names (names of web sites, for instance) to IP addresses. If I tell you to check out the information at server 64.236.16.84 this week, will you remember that address? Thanks to DNS, you don't have to remember the numbers. Its URL (Uniform Resource Locator) name is www.cnn.com. You can enter either the address or the name in the address line of a browser. Either will take you to the same web site.

Back to the distributed idea. The Internet is divided into Domains. Baker College, for example, has been assigned a subdomain (called Baker) in the edu domain, which is for colleges that offer 4-year degrees and more. edu is a top-level domain. A domain name is limited to 255 characters, and each label in it (the parts separated by dots) is limited to 63 characters.

Note that a URL can use other protocols (not just http), can also include a port number, may include a path through several folders, and may end with a filename.

Your book wants you to be familiar with several top-level domains:

air Aviation entities
com Commercial entities
edu Educational institutions
gov Agencies of the U.S. Federal government
info General use, like org
mil US Military
net Computers of network providers
org Miscellaneous: for organizations that do not fit anywhere else
biz Businesses. This is essentially an alternative to .com
name Personal URLs. A person can apply for a subdomain for their own name.
pro Professional organizations.
au Australia
ca Canada
de Germany (Deutschland)
uk United Kingdom

Most countries have two letter domain names. Some, like Germany, are not intuitive until you remember what the country is called in the language spoken there. For more information about domains, go to www.iana.org.

The chapter reminds us that Microsoft is not the only company that makes web browsers, but it makes the most widely used web browser: Internet Explorer (IE). Several configuration settings for IE are listed:

  • Pop-up blocker
  • Internet Explorer security levels
  • Control how and if scripts are executed
  • Configure ActiveX controls
  • Control proxy settings

The text discusses some encryption methods used with web browsers for secure financial transactions:

  • Secure Sockets Layer (SSL) - used by web browsers to provide secure connections. Works with HTTPS instead of the HTTP protocol.
  • Transport Layer Security (TLS) - An improved version of SSL

To understand, you have to understand public and private key cryptography. A key is an algorithm, a method of turning plain text into encrypted text, and vice versa. Keys are also used to encrypt and decrypt messages. In a private key system, the senders and receivers of messages all use the same key.

Public key cryptography is an encoding scheme that assigns every user two keys. These keys are used to prove the identity of the sender of a message. Either of the keys can be used to encrypt a message. Whichever key is used to encrypt the message, the other key must be used to decrypt it. One of the two keys is called a user's public key. This key is delivered to anyone who needs it, and is used to decrypt messages that were encrypted with the user's other key, the private key. (The private key is never given to anyone except the key's owner.) This method proves to message recipients that the message originated from the owner of the private key. Likewise, messages sent to the owner can be encrypted with the public key, and can only be decrypted with the owner's private key, ensuring security.

The process of delivering public keys to people who need them is a problem. How do you know that the proof you are accepting is reliable? Public keys need to be verified by a Certificate Authority (CA).

Various network vendors provide a CA in their Certificate Servers. Now the terminology changes a bit. Messages may be sent to a server/provider with a digital signature. A user can create a digital signature with their private key, and register that digital signature with a Certificate Authority. The signature may also be created by the CA and delivered to the user, since the CA may be the source of both of the user's keys.

Example: A user sends a message to an online vendor, including a digital signature, created with the user's private key. That signature may be verified with the CA that the user is registered with. The CA receives a request for verification from the vendor and checks out the signature. If the signature is valid, the CA then sends an encrypted message to the vendor including the public key of the original user, allowing the vendor to read the digital signature. In this way, the vendor does not get the user's information until it has been established that the message is really from the user.

Encryption can also be done strictly with public and private keys. Consider buying something online, using a web browser. The buyer is sent the public key of the store through the browser. The browser encrypts the buyer's credit card data, and sends to the store's server. The server decrypts the data using the store's private key. (A problem exists here: the store has no secure way to send encrypted data back to the buyer, unless the buyer has a public and private key of his/her own. So, a key pair can be created for the buyer as well.)

The text moves on to consider email programs. Several protocols can be used. Examples:

  • SMTP: Simple Mail Transfer Protocol
  • SMTP AUTH (SMTP Authentication): improved SMTP
  • POP: Post Office Protocol
  • IMAP4: Internet Message Access Protocol, version 4

One of the most widely used protocols is FTP, File Transfer Protocol. When you download a file on the Internet you typically use FTP or HTTP.